{"title":"Hiding in a virtual world: Using unconventionally installed operating systems","authors":"R. Bares","doi":"10.1109/ISI.2009.5137326","DOIUrl":null,"url":null,"abstract":"Necessity is the mother of invention, and necessity has produced many software and hardware tools in the realm of computer networking and security to overcome problems encountered in the private and public sector. Unconventionally installed operating systems including virtual machines, operating systems installed on removable media and external storage drives are some recent inventions. These tools have been very useful to network administrators, but they can also be used in ways not intended by their creators in an attempt to mask the activities of a user. This paper will attempt to evaluate the possibility of using these unconventionally installed operating systems in an attempt to hide one's activities from conventional digital forensic tools. This evaluation will be conducted by repeating a series of tests inside a virtual environment, then overwriting the virtual environment flat file and having the host computer imaged and examined by forensic tools.","PeriodicalId":210911,"journal":{"name":"2009 IEEE International Conference on Intelligence and Security Informatics","volume":"45 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 IEEE International Conference on Intelligence and Security Informatics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISI.2009.5137326","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 15
Abstract
Necessity is the mother of invention, and necessity has produced many software and hardware tools in the realm of computer networking and security to overcome problems encountered in the private and public sector. Unconventionally installed operating systems including virtual machines, operating systems installed on removable media and external storage drives are some recent inventions. These tools have been very useful to network administrators, but they can also be used in ways not intended by their creators in an attempt to mask the activities of a user. This paper will attempt to evaluate the possibility of using these unconventionally installed operating systems in an attempt to hide one's activities from conventional digital forensic tools. This evaluation will be conducted by repeating a series of tests inside a virtual environment, then overwriting the virtual environment flat file and having the host computer imaged and examined by forensic tools.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
